creativeneko - stock.adobe.com

TSB calls on Meta to intervene and protect users from fraud losses of £250m this year

TSB is the latest bank to demand more action from social media sector in helping to reduce online fraud

TSB has called on social media giant Meta to do more to prevent online fraud that emanates in its platforms, which it said could see UK consumers lose £250m to scammers this year.

The UK high street bank’s CEO Robin Bulloch has written to Meta calling on it to introduce fraud prevention measures because 80% of the money the bank has refunded is to customers defrauded by scams originating on the social media firm’s platforms.

Bulloch told Meta – which owns Facebook, Instagram and WhatsApp – that it must put in “tech interventions” to prevent users of its platforms falling victim to fraud.

TSB said: “Projections from industry data and current fraud levels show that without the tech interventions required to protect consumers from fraud, scams originating on Meta platforms could account for up to £250m of push payment losses to UK households in 2023.” 

Scams such as Authorised Push Payment (APP) fraud occur when consumers are tricked into making payments to fraudsters through platforms such as fake websites and messages, which often emanate from social media. TSB estimates that more than 70,000 purchase fraud cases took place on Facebook Marketplace in 2022. 

APP fraud caused losses of $789.4m to UK citizens in 2021, which could rise to $1.56bn by 2026, according to a report from payments software supplier ACI Worldwide and analytics firm GlobalData.

Despite the banks using the latest security systems in place and adhering to strict regulations, fraudsters manage to commit these crimes because the payments are authorised by the account users, meaning they get through bank security systems. But it is the banks that are mandated to reimburse customers. Earlier in June, the Payment Systems Regulator made it mandatory for victims of authorised push payment (APP) fraud to be reimbursed within five days.

Paul Davis, director of fraud prevention at TSB, said Meta needs to face up to its responsibility. “It has a duty of care to the millions of customers who use its platforms, which is more important when we see innocent people lose life-changing sums every day. 

“Today, we have written to Meta demanding it puts in place the tech interventions urgently required to stem the tide of fraud and protect the many consumers who put faith in its services.” 

The banking sector is united on the need for tech firms to do more to stop online fraud. In May, Lloyds Banking Group called on the tech sector to control the “social media Wild West” to help reduce fraud. The bank said it has invested hundreds of millions of pounds in advanced security systems to protect its customers, alongside employing thousands of staff dedicated to fighting fraud.

“Relying on the banking sector alone to detect scams and provide refunds means those platforms where most of the fraud starts have no incentive to stop it. [We are] calling for technology and telecommunications companies to do more to stop scams at source and play their part in refunding victims of fraud, which originates on their platforms,” said a Lloyds banking group statement.

TSB’s recommendation to Meta

  • Introduce a secure payment mechanism so people using Facebook Marketplace can pay for goods safely. Marketplace transactions do not currently go through a recognised payments system and payments can take place directly from a victim to a fraudster.
  • Stop unregulated firms in the UK using Facebook and Instagram to advertise investments and financial products, including cryptocurrencies. Issue a clear public commitment to investigating – and, where confirmed, removing – all content flagged as potentially fraudulent within 24 hours.  
  • Filter out and block obviously fraudulent adverts and social media posts.
  • Flag to WhatsApp users when they’re contacted from new numbers and warn them to check that the numbers are genuine.

    A Meta spokesperson said: “This is an industry-wide issue and scammers are using increasingly sophisticated methods to defraud people in a range of ways including email, SMS and offline. We don’t want anyone to fall victim to these criminals which is why our platforms already have systems to block scams, financial services advertisers now have to be FCA authorised to target UK users and we run consumer awareness campaigns on how to spot fraudulent behaviour. People can also report this content in a few simple clicks and we work with the police to support their investigations.”

    In 2021, Anne Boden, founder of digital challenger Starling Bank, called for cooperation between different sectors to clamp down on authorised push payment (APP) fraud.

    In a blog post at the time, Boden said other sectors must shoulder some responsibility for APP scams, particularly social media platforms. “Banks invest billions of pounds in tackling economic crime, but we cannot stop it on our own,” she wrote.

    “Very often, [social media] accounts are used for advertising for ‘money mules’ for the purposes of money laundering, selling stolen identity and credit card data, phishing, bogus investment scams and impersonation fraud.”

    Boden said banks “seem to have become the underwriter of all kinds of fraud that are not really financial fraud at all”.

    In February, the Lending Standards Board (LSB), which provides independent oversight of banks that voluntarily sign up to its Contingent Reimbursement Model Code, called on signatory banks to introduce transaction monitoring technology that can identify authorised push payment (APP) fraud.

    The LSB has set a deadline of December 2023 for banks to be monitoring payments to enable them to spot suspicious accounts that may belong to scammers committing APP fraud.

    Read more about authorised push payment fraud

    Read more on IT for financial services